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Apparatus and Method for Filtering 
Email Using Disposable Email Addresses 

background of the invention 

Field of the Invention 

[0001] This invention relates generally to the field of data processing systems. 
More particularly, the invention relates to an improved apparatus and method for 
filtering email using disposable email addresses. 

Description of the Related Art 

[0002] Unsolicited commercial e-mail, or "spam" is used to advertise products 
or to broadcast some political or social commentary. Like computer viruses, 
spam has become a scourge on the Internet as hundreds of millions of unwanted 
email messages are transmitted daily to virtually every e-mail recipient coupled to 
the Internet. One of the primary reasons for the proliferation of spam is that it is 
an extremely effective, and inexpensive was to reach a very large number of 
people. 

[0003] Internet service providers ("ISPs") have invested significant expenses 
and added an enormous number of servers to do nothing more than spam 
filtering. Various filtering techniques may be employed including simple 
comparisons of email headers to that of known spammers (e.g., email subject 
and/or FROM address), to complex, digital analyses of email messages (e.g., 
performing a checksum or a fuzzy logic comparison to known spam messages). 
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[0004] Despite the amount of time and effort spent to develop effective filtering 
techniques, a substantial amount of spam still makes it through to intended 
recipients. Accordingly, what is needed is an improved apparatus and method 
for filtering unwanted email messages. 
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SUMMARY OF THE INVENTION 

[0005] A system and method are described for filtering unwanted email 
messages. One embodiment of the filtering method comprises defining a 
plurality of disposable email addresses, wherein each of the disposable email 
addresses is associated with a different Website and/or individual; and in 
response to detecting a particular Website being visited by an end user, 
automatically providing the user with one or more disposable email address 
options from which to select. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

[0006] A better understanding of the present invention can be obtained from 
the following detailed description in conjunction with the drawings, in which: 

[0007] FIG. 1 illustrates a system for filtering email using disposable email 
messages according to one embodiment of the invention. 

[0008] FIG. 2 illustrates an association between a user's "home" email 
address and the user's disposable email addresses. 
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Detailed Description of Preferred Embodiments 

[0009] An improved apparatus and method is described below for filtering 
email using disposable email addresses. In the following description, for the 
purposes of explanation, numerous specific details are set forth in order to 
provide a thorough understanding of the present invention. It will be apparent, 
however, to one skilled in the art that the present invention may be practiced 
without some of these specific details. In other instances, well-known structures 
and devices are shown in block diagram form to avoid obscuring the underlying 
principles of the invention. 

Embodiments of the Invention 
[0010] Figure 1 illustrates one embodiment of the invention that filters spam 
using disposable email addresses. Specifically, this embodiment includes a 
disposable email address ("DEA") server 100 which acts as an email filtering 
agent between a client 120 and a mail server 1 10 on a network 140 (e.g., the 
Internet). 

[0011] For the purpose of the following discussion, it is assumed that the user 
of client 120 has an email account on mail server 110 (hereinafter the user's 
"home" account) and that the user's email address on the home account is 
mvaccount@home.com . The "home" account may be any type of email account 
including a Web account (e.g., Yahoo Mail, Hotmail) or a corporate email account 
protected by a firewall. To apply filtering to the user's home email account, in 
one embodiment, the user logs in to the DEA server 100 and establishes a 

Express Mail: EV336590174US 6 06181.P006 



separate "disposable" email account (or series of accounts). The disposable 
email account uses the following format: mvaccount-exfens/bn@deamail.com . 
where "myaccount" represents the users "base" email name and "extension" 
represents an extension to the base email name (as described in greater detail 
below). 

[0012] In one embodiment, to initially establish an account on the DEA server 
100, an end user specifies a base email name/address, and associates the base 
email name/address with his/her home email address. As illustrated in Figure 2, 
an email address database 102 on the DEA server 100 maintains an ongoing 
association between each user's home email account (e.g., myaccount® 
home.com ) and each user's DEA server 100 account (e.g., myaccount- 
extens/on@deamail.com ). 

[0013] In one embodiment, after the user establishes an account on the DEA 
server 100, the DEA server identifies any incoming email messages having the 
user's base address (e.g., "myaccount") as being addressed to the user, 
regardless of the extension used. For example, both the address mvaccount- 
amazon@deamail.com and mvaccount-bestbuy@deamail.com will be associated 
with the same user (identified by the "myaccount" base address). As such, the 
user may selectively provide disposable email addresses to different individuals 
and organizations, using a virtually unlimited number of different extensions. For 
example, when the user purchases an item from an e-commerce Website 140 
such as Amazon.com®, the user may provide a DEA server email address with 
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an extension that uniquely identifies the e-commerce Website (e.g., mvaccount- 
amazon@deamail.com ). Thus, if an e-commerce Website gives away the user's 
email address to a spammer, the user can easily identify the e-commerce site 
that gave away the address and can discard the old extension in place of a new 
extension (e.g., mvaccount-amazon2(S) deamail.com ). 

' [0014] In one embodiment, using the association maintained in the email 
address database 102, the DEA 100 server forwards certain email messages 
from the user's DEA email account to the user's home email account 1 10 (so that 
the user can retrieve all of his/her email from a single mail server). Prior to 
transmission to the home account, email filtering logic 104 analyzes email 
messages according to a specified set of filtering rules. For example, the email 
filtering logic 104 may compare the source address or the subject field of 
incoming email messages to that of known spammers. The email filtering logic 
104 may also perform a digital analysis such as a checksum comparison, or 
other types of logical comparisons (e.g., a fuzzy logic comparison). The user 
may also specify a "blacklist" which indicates specific email addresses from 
which he/she does not want to receive email. For example, if the user identifies 
a particular extension that was provided to spammers, the user can specify that 
the extension is no longer valid and/or that the filtering logic 104 should simply 
drop any email message containing that extension. Various other filtering 
techniques may be employed by the filtering logic 104 while still complying with 
the underlying principles of the invention. 
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[0015] The user may configure the email filtering module 104 in a variety of 
different ways. In one embodiment, the user configures the email filtering 
module 104 to forward any email messages having the user's base address 
except those on the user's blacklist. Alternatively, the user may configure the 
email filtering module 104 to filter all email messages, except those explicitly 
provided by the user - i.e., on a defined "white list" of base/extension 
combinations. In the latter embodiment, the user must inform the email filtering 
module each time the user creates a new extension; in the former embodiment, 
the user may generate new extensions at will, and only specify those extensions 
that the filtering module 104 should filter. 

[0016] As mentioned above, in one embodiment, email which is not filtered by 
the filtering module is forwarded to the user's home mail server 110. To forward 
the message, the DEA server 100 enters the user's home email address in the 
destination field of the email message header (i.e., the "TO:" field). In addition, in 
one embodiment, the DEA server 100 appends the extension of the DEA 
address into the subject header of the email message. Returning to the previous 
example, if the user ordered a book from Amazon.com and the original email 
message subject was "Your Book Order," then the DEA server may imbed the 
"Amazon" extension within the subject of the email message as follows: "Amazon 
: Your Book Order." As a result, the user can readily determine the DEA address 
that was used to send the email message. 
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[0017] To alleviate the burden of managing a plurality of different disposable 
email addresses, one embodiment of the invention employs client-side and/or 
DEA server-side email address management logic. In the specific embodiment 
illustrated in Figure 1, a DEA plugin 124 is installed on the user's Internet 
browser 122 to manage disposable email addresses. The DEA plugin 124 may 
be installed, for example, when the user registers with the DEA server 100. In 
one embodiment, the DEA plugin 124 maintains an up-to-date list of the current 
base-extension combinations selected by the end user (e.g., "myaccount- 
amazon," "myaccount-bestbuy," . . . etc). After a particular extension is recorded, 
the DEA plugin 124 may detect when user returns to a particular Website (e.g., 
based on the secondary domain name such as "amazon" within the amazon.com 
Web address), and automatically provide the user with the correct base- 
extension for that site. For example, when the user moves into the data entry 
field on the Amazon.com Website where the user's email address is required 
(e.g., to sign in to the Website), the DEA plugin 124 may automatically provide 
the correct base-extension email address by selecting a particular input 
sequence on his/her cursor control device such as, for example, a right-click on 
the user's mouse. In one embodiment, in response to the cursor control input 
sequence, the DEA plugin 124 generates a graphical list containing a plurality of 
email addresses from which to select. 

[0018] In one embodiment, if the user has not previously entered an email 
address on a particular Website, the DEA plugin 124 will provide the user with an 
option to "automatically generate a new disposable email address" (e.g., within 
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an action list generated in response to the cursor control input sequence). If the 
user selects this option, the DEA plugin 124 will automatically generate a new 
disposable email address for the Website on which the user is currently 
browsing. In one embodiment, the DEA plugin will automatically add the 
secondary domain name to the user's base address to generate the base- 
extension combination (e.g., "myaccount-amazon"). In response to the cursor 
control sequence, the user may also be provided with an option to "manually 
generate a new disposable email address." The user may use this option to 
manually select a new base-extension combination for the Website (or 
individual). In addition to the foregoing options, the user may also be provided 
with a complete list of all current disposable and/or home email addresses from 
which to select. 

[0019] In one embodiment, the DEA plugin 124 communicates with the DEA 
server 100 at different stages of the email address selection process (e.g., each 
time a new disposable email address is created). For example, in one 
embodiment, once the user selects a new extension for a new Website, the DEA 
plugin automatically transmits an indication of the new extension to the DEA 
server 100, which stores the new extension within the email address database 
100 (e.g., within the database table shown in Figure 2). Thus, any time a new 
disposable address is created, it is automatically made available to the email 
filtering module, which may add it to the user's "white list," as described above. 
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[0020] The DEA server 100 may be configured to select new email addresses 
on behalf of the end user (rather than the DEA plugin 124). In this embodiment, 
email address generation logic 106 executed on the DEA server 100 
automatically provides a new disposable email address to the DEA plugin 124 in 
response to a request from the DEA plugin 124 for a new disposable email 
address, and saves the new disposable email address within the email address 
database 102. As part of its request, the DEA plugin 124 may provide the 
address generation logic 106 with information relevant to address selection (e.g., 
such as the current secondary domain name of the Webpage on which the 
browser is positioned). 

[0021] In one embodiment, after a user has instructed the DEA server to add 
a particular disposable email address to the user's blacklist (e.g., after detecting 
that the address has been provided to spammers), the DEA plugin 106 and/or 
the email address generation logic 106 will automatically provide the user with an 
alternative address upon detecting that the user is browsing the relevant 
Website. For example, if the initial address for Amazon.com was mvaccount- 
amazon@deamail.com , then the DEA plugin 124 and/or the email address 
generation logic 106 may add a sequential number to the extension, resulting in 
mvaccount-amazon2@deamail.com . As described above, this option may be 
automatically provided to the user upon detecting that the user is browsing within 
an email address data field within the Amazon.com website. If the second 
address is subsequently provided to spammers, the DEA plugin 124 and/or the 
email address generation logic 106 may add another sequential number to the 
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extension, resulting in the new disposable address mvaccount-amazon3@ 
deamail.com (and so on). 

[0022] In one embodiment, rather than adding a sequential number, the DEA 
plugin 124 and/or the email address generation logic 106 adds a random number 
to the extension, potentially even the first time the user visits a website (e.g., 
myaccount-amazon264@deamail.com). As a result, if spammers determine a 
user's base address, they will be unable to get through simply by using common 
domains the user is likely to subscribe to (e.g. myaccount-amazon 
@deamail.com would be rejected, if "amazon264" was the correct extension). 

[0023] As described above, the client 120 may communicate with the DEA 
server 100 via a browser 122 such as Internet Explorer® or Netscape 
Navigator®. In this embodiment, the DEA server is a Web server that 
communicates with the client 120 using the Hypertext Transport Protocol 
("HTTP"). It should be noted, however, that the underlying principles of the 
invention are not limited to any particular type of communication protocol or any 
type of client-side or server-side software. 

[0024] Embodiments of the invention may include various steps as set forth 
above. The steps may be embodied in machine-executable instructions which 
cause a general-purpose or special-purpose processor to perform certain steps. 
Various elements which are not relevant to the underlying principles of the 
invention such as computer memory, hard drive, input devices, have been left out 
of the figures to avoid obscuring the pertinent aspects of the invention. 
Express Mail: EV3365901 74US 13 061 81 .P006 



Alternatively, in one embodiment, the various functional modules illustrated 
herein and the associated steps may be performed by specific hardware 
components that contain hardwired logic for performing the steps, such as an 
application-specific integrated circuit ("ASIC") or by any combination of 
programmed computer components and custom hardware components. 

[0025] Elements of the present invention may also be provided as a machine- 
readable medium for storing the machine-executable instructions. The machine- 
readable medium may include, but is not limited to, flash memory, optical disks, 
CD-ROMs, DVD ROMs, RAMs, EPROMs, EEPROMs, magnetic or optical cards, 
propagation media or other type of machine-readable media suitable for storing 
electronic instructions. For example, the present invention may be downloaded 
as a computer program which may be transferred from a remote computer (e.g., 
a server) to a requesting computer (e.g., a client) by way of data signals 
embodied in a carrier wave or other propagation medium via a communication 
link (e.g., a modem or network connection). 

[0026] Throughout the foregoing description, for the purposes of explanation, 
numerous specific details were set forth in order to provide a thorough 
understanding of the present system and method. It will be apparent, however, 
to one skilled in the art that the system and method may be practiced without 
some of these specific details. Conversely, certain details of the system on 
which the invention is implemented have not been shown to avoid obscuring the 
principles of the invention. For example, each of the clients and servers 
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illustrated in Figure 1 may be implemented on well known general computing 
platforms such as an Intel Pentium 4 platform having 1 GByte or more of double 
data rate ("DDR") SDRAM memory and 80 GBytes or more of hard drive 
capacity. Similarly, the network 140 illustrated in Figure 1 may be implemented 
using any suitable combination of Ethernet switches, TCP/IP gateways and/or 
routers, and associated physical layer cabling. 

[0027] Accordingly, the scope and spirit of the present invention should be 
judged in terms of the claims which follow. 
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